For identifying a subscriber in a mobile communication system like the Global System for Mobile Communication (GSM) or the Universal Mobile Telecommunication System (UMTS), an International Mobile Subscriber Identity (IMSI) is allocated uniquely and permanently to each subscriber. The IMSI is a number related to all network related subscriber information and is stored in the Subscriber Identity Module (SIM) that is located in a mobile device like a mobile phone of the subscriber. In addition, the IMSI is stored by a network server like the Home Location Register (HLR) and the serving Visitor Location Register (VLR). Unprotected transmission of the IMSI over the air interface between the mobile device and the radio access network should be kept as seldom as possible to prevent misuse, e.g. to prevent an eavesdropper from accessing the IMSI for relating calls non-ambiguously to the subscriber or to establish unauthorized roaming profiles of the subscriber.
Protection is introduced into the mobile communication system using temporary identities whenever possible. These identities are aliases of the IMSI and are changed from time to time with typically local significance. Examples for such temporary identities are the Temporary Mobile Subscriber Identity (TMSI) used for circuit-switched (CS) connections and the Packet TMSI (P-TMSI) for packet switched (PS) connections.
A mobile device registered to the mobile communication system is assigned a temporary identity by a network server like a Mobile service Switching Center (MSC) assigning the TMSI or a Serving General packet radio system Support Node (SGSN) assigning the P-TMSI. Depending on the configuration of the mobile communication system, an assignment of the temporary identity can be triggered by the registration of the mobile device to the network server, by a call attempt, a service activation, or a location update, which is issued when the mobile device changes its location area (LA) for CS connections or routing area (RA) for PS connections. The change of the LA or RA can be indicated to the network server by a change of a LA identity (LAI) or a RA identity (RAI) indicating the LA or RA, respectively. Other procedures triggering the assignment of a temporary identity are an expired or invalid temporary identity received by the network server.
The temporary identity as defined for GSM or UMTS is a number comprising predefined number blocks indicating a domain and a TMSI number. The so defined temporary identity has a bit length of 32 bit and is sometimes also named TMSI-Code (TIC). The number block representing the domain indicates whether the mobile device is registered in the CS or PS domain. According to the present definition, the first two bits are reserved for the number block domain. The temporary identity is sometimes used according to the TIC supplemented by a number block reserved for the LAI or the RAI for TMSI or P-TMSI, respectively. Also other implementations of the temporary identities exist, e.g. in some systems a TMSI generation may be included in the TIC for further assigning of already assigned TMSI numbers.
The 3GPP standard TS 29.002 v.4.2.1 (2000–12), chapter 8.1.4, for mobile communication systems allows to assign the temporary identity on a per network server base, i.e. each assigned temporary identity has to be unique for each network server. 3GPP standard TS24.008 v4.1.1 (2001–01), chapter 4.3.1 and chapter 9.2.15, for mobile communications suggests to assign the temporary identity on a per LA/RA-base, wherein the network server assigning the temporary identity considers also location information like the LAI or RAI and the temporary identity for a mobile device has to be unique within each LA or RA controlled by the network server, i.e. the same temporary identity that is assigned to a mobile device in a first LA of the network server can be assigned in a second LA of the network server for a further mobile device at the same time. Referring to the availability of temporary identities, i.e. the maximum number of possible combinations of temporary identities that can be assigned, the assignment on a per LA/RA base is favorable. For an assignment on a per network server base, the availability is limited by the number of combinations defined by the bit length of the TMSI number. Typically more than one LA or RA per network server exist and the availability of temporary identities for an assignment on a per LA/RA base is therefore much higher just because of the higher number of LA/RAs per network server.
The introduction of a core network server pool, in the following named server pool, provides more flexibility to the mobile communication system. In the server pool, many network servers are grouped such that a mobile device can register to and can be controlled by any of the network servers in the pool. The grouping can be achieved by connecting a controller of the access network with the network servers in the server pool such that the controller is connected to each network server in the server pool. Typically, there are many controllers in the access network that are connected to the network servers as described before. The server pool is especially advantageous in situations wherein a network server in the server pool fails, is overloaded, or reveals other disturbances. For such situations, the mobile device can be registered to and controlled by a further network server in the server pool thus improving resilience of the mobile communication system with server pool compared to the mobile communication system without server pool, i.e. a mobile communication system wherein each controller is connected to one network server only.
Owing to the fact that for a server pool one controller is connected to multiple network servers, the routing of messages from a mobile device to the network server the mobile device is registered in becomes more difficult. A server identifier is proposed to identify the network server in the server pool for routing a message from a mobile device. During registration of the mobile device to a first server of the server pool, the first server sends its server identifier to the mobile device. Messages from the mobile device to the first network server can be routed to the first network server by analyzing the server identifier in a controller of an access network the mobile device is attached to. According to the document Introducing flexibility to the lu interface, TSG-RAN Working Group Meeting #16, Windsor, UK, 16.–20. October, 2000, Agenda Item 12a), TSGR3#16(00)2586, the server identifier is proposed to be a part of the TMSI, e.g. the server identifier is included into the temporary identity. The server identifiers are allocated such that each network server has exactly one server identifier. A relation between the server identifiers and the network servers in the server pool can be used to identify the network server from the server identifier comprised in the messages from the mobile device for routing the messages to the network server.
The introduction of the server identifier is essential for the implementation of the server pool into the mobile communication system, because it provides a way to identify the network server for messages from the mobile device to the network server where the mobile device is registered. However, for the preferred implementation that the server identifier is included into the temporary identity, the availability of temporary identities is reduced when the number of network servers in the server pool is less than the number of server identifiers. The number of server identifiers is given by the value according to the bit length of the number block that is reserved within the temporary identity for including the server identifier. For example, a number block of 5 bit reserved for the server identifier relates to a maximum possible number of 25=32 network servers in the server pool. For the case, that the network servers in the server pool do not equal the maximum possible number of network servers, i.e. when less than 32 network servers are in the server pool, the fraction of the number of server identifiers exceeding the number of network servers in the server pool remains unused. Following the present example, a server pool with 6 network servers and 5 bit reserved for the server identifiers leads to a situation where 6 server identifiers are used for identifying uniquely the network serves in the server pool whereas 24 server identifiers are left unused. The same fraction of server identifiers that is left unused determines the reduction of the availability of the temporary identities in the server pool. Following the present example, 6/32 of the temporary identities can be assigned and 24/32 are excluded from being assigned. Only for the special case that 32 network servers are in the server pool, the maximum availability of temporary identities can be achieved.
In summary, the maximum availability can be only achieved when the number of network servers in the server pool equals the number of server identifiers defined by the bit length of the number block reserved for the server identifier. However, this limitation is not acceptable for an operator of a mobile communication system due to capacity and economic reasons.